public function loginByToken(Token $token) { $uid = $token->getClaim('uid'); try { $this->user = $this->usersRepository->getById($uid); } catch (UserNotFoundException $e) { // do nothing here } }
/** * Validates JWT token * * @param Token $token * @throws ExpiredTokenException when token has expired and can be refreshed * @throws InvalidTokenException when token has expired or is invalid */ protected function validateToken(Token $token = null) { if (null === $token) { throw new InvalidTokenException(); } $exp = (new \DateTime())->setTimestamp($token->getClaim('exp')); $now = date_create(); $refreshTtl = \DateInterval::createFromDateString($this->refreshTtl); if ($now < $exp) { return; } if ($exp->add($refreshTtl) > $now) { throw new ExpiredTokenException(); } throw new InvalidTokenException(); }
/** * @test * * @uses Lcobucci\JWT\Token::__construct * @uses Lcobucci\JWT\Token::setEncoder * * @covers Lcobucci\JWT\Token::__toString * @covers Lcobucci\JWT\Token::getPayload */ public function toStringMustReturnEncodedData() { $signature = $this->getMock(Signature::class, [], [], '', false); $signature->expects($this->any())->method('__toString')->willReturn('test'); $token = new Token(['alg' => 'none'], [], $signature); $token->setEncoder($this->encoder); $this->createMockExpectations('test'); $this->assertEquals('test.test.test', (string) $token); }
/** * {@inheritDoc} */ private function shouldTokenBeRefreshed(Token $token) : bool { if (!$token->hasClaim(self::ISSUED_AT_CLAIM)) { return false; } return $this->timestamp() >= $token->getClaim(self::ISSUED_AT_CLAIM) + $this->refreshTime; }
/** * Get the unique key held within the blacklist. * * @param \Lcobucci\JWT\Token $token * * @return mixed */ public function getKey(Token $token) { return $token->getClaim($this->key); }
/** * @test * * @uses Lcobucci\JWT\Token::__construct * @uses Lcobucci\JWT\ValidationData::__construct * @uses Lcobucci\JWT\ValidationData::get * @uses Lcobucci\JWT\ValidationData::has * @uses Lcobucci\JWT\ValidationData::setIssuer * @uses Lcobucci\JWT\Claim\Basic::__construct * @uses Lcobucci\JWT\Claim\Basic::getName * @uses Lcobucci\JWT\Claim\Basic::getValue * @uses Lcobucci\JWT\Claim\EqualsTo::__construct * @uses Lcobucci\JWT\Claim\EqualsTo::validate * @uses Lcobucci\JWT\Claim\LesserOrEqualsTo::__construct * @uses Lcobucci\JWT\Claim\LesserOrEqualsTo::validate * @uses Lcobucci\JWT\Claim\GreaterOrEqualsTo::__construct * @uses Lcobucci\JWT\Claim\GreaterOrEqualsTo::validate * * @covers Lcobucci\JWT\Token::validate * @covers Lcobucci\JWT\Token::getValidatableClaims */ public function validateShouldReturnTrueWhenThereAreNoFailedValidatableClaims() { $now = time(); $token = new Token([], ['iss' => new EqualsTo('iss', 'test'), 'iat' => new LesserOrEqualsTo('iat', $now), 'exp' => new GreaterOrEqualsTo('ext', $now + 500), 'testing' => new Basic('testing', 'test')]); $data = new ValidationData($now + 10); $data->setIssuer('test'); $this->assertTrue($token->validate($data)); }
/** * @param ParsedToken $parsed * @return array */ protected function getTokenMetadata(ParsedToken $parsed) { $metadata = []; foreach ($parsed->getClaims() as $name => $claim) { $metadata[$name] = $claim->getValue(); } return $metadata; }
protected function getTokenCredentials(Token $token) { $creds = []; foreach ($this->config['payload'] as $property) { $creds[$property] = $token->getClaim($property); } return $creds; }
/** * @param Token $token * @return bool */ public function validateToken(Token $token) : bool { return $token->validate($this->validationData) && $token->verify($this->signer, $this->secret); }
/** * Returns the resultant token * * @return Token */ public function getToken() { $token = new Token($this->headers, $this->claims, $this->signature); $token->setEncoder($this->encoder); return $token; }
public function deSerialize(Token $token) : Data { return Data::fromJsonString($token->getClaim('data')); }
/** * @test * * @uses Lcobucci\JWT\Token::__construct * * @covers Lcobucci\JWT\Token::getPayload */ public function getPayloadShouldReturnAStringWithTheTwoEncodePartsThatGeneratedTheToken() { $token = new Token(['alg' => 'none'], [], null, ['test1', 'test2', 'test3']); $this->assertEquals('test1.test2', $token->getPayload()); }
/** * @inheritdoc */ public function isValid(Token $token) { $signer = new Sha256(); $key = new Key($this->pathPublicKey); if (!$token->verify($signer, $key)) { throw new InvalidDefinitionException('Invalid token'); } $data = new ValidationData(); $data->setIssuer($token->getClaim('iss')); $data->setAudience($token->getClaim('aud')); $data->setId($token->getClaim('jti')); $isValid = $token->validate($data); if (!$isValid) { throw new AuthenticationExpiredException('The access token has expired'); } return $isValid; }
/** * @test * * @depends builderCanGenerateAToken * * @covers Lcobucci\JWT\Builder * @covers Lcobucci\JWT\Parser * @covers Lcobucci\JWT\Token * @covers Lcobucci\JWT\Signature * @covers Lcobucci\JWT\Claim\Factory * @covers Lcobucci\JWT\Claim\Basic * @covers Lcobucci\JWT\Signer\Key * @covers Lcobucci\JWT\Signer\BaseSigner * @covers Lcobucci\JWT\Signer\Rsa * @covers Lcobucci\JWT\Signer\Rsa\Sha256 */ public function verifyShouldReturnTrueWhenKeyIsRight(Token $token) { $this->assertTrue($token->verify($this->signer, self::$rsaKeys['public'])); }
/** * @test * * @dataProvider invalidValidationData * * @depends builderCanGenerateAToken * * @covers Lcobucci\JWT\Builder * @covers Lcobucci\JWT\Parser * @covers Lcobucci\JWT\Token * @covers Lcobucci\JWT\ValidationData * @covers Lcobucci\JWT\Claim\Factory * @covers Lcobucci\JWT\Claim\Basic * @covers Lcobucci\JWT\Claim\EqualsTo * @covers Lcobucci\JWT\Claim\GreaterOrEqualsTo * @covers Lcobucci\JWT\Parsing\Encoder * @covers Lcobucci\JWT\Parsing\Decoder */ public function tokenValidationShouldReturnFalseWhenExpectedDataDontMatch(ValidationData $data, Token $generated) { $this->assertFalse($generated->validate($data)); }
/** * @test * * @depends builderCanGenerateAToken * * @covers \Lcobucci\JWT\Configuration * @covers \Lcobucci\JWT\Builder * @covers \Lcobucci\JWT\Parser * @covers \Lcobucci\JWT\Token * @covers \Lcobucci\JWT\Signature * @covers \Lcobucci\JWT\Claim\Factory * @covers \Lcobucci\JWT\Claim\Basic * @covers \Lcobucci\JWT\Signer\Key * @covers \Lcobucci\JWT\Signer\BaseSigner * @covers \Lcobucci\JWT\Signer\Ecdsa * @covers \Lcobucci\JWT\Signer\Ecdsa\KeyParser * @covers \Lcobucci\JWT\Signer\Ecdsa\EccAdapter * @covers \Lcobucci\JWT\Signer\Ecdsa\SignatureSerializer * @covers \Lcobucci\JWT\Signer\Ecdsa\Sha256 */ public function verifyShouldReturnTrueWhenKeyIsRight(Token $token) { self::assertTrue($token->verify($this->config->getSigner(), static::$ecdsaKeys['public1'])); }
/** * validate a given token object * * @param Token $token * @return boolean */ public function validate(Token $token) { $valid = $token->validate($this->rules()); $verified = $token->verify(new Sha256(), config('jwt.key')); return $valid && $verified; }
/** * Verify is validate token in signature. * * @param Lcobucci\JWT\Token $token * * @return bool */ public function isValidByToken(Token $token) { return $token->verify(new Sha256(), env('JWT_SECRET')); }
/** * @param \Lcobucci\JWT\Token $token * @return bool */ public function verify(Token $token) { return $token->verify($this->signer, $this->key); }
/** * @test * * @depends builderCanGenerateAToken * * @covers \Lcobucci\JWT\Configuration * @covers \Lcobucci\JWT\Builder * @covers \Lcobucci\JWT\Parser * @covers \Lcobucci\JWT\Token * @covers \Lcobucci\JWT\Signature * @covers \Lcobucci\JWT\Claim\Factory * @covers \Lcobucci\JWT\Claim\Basic * @covers \Lcobucci\JWT\Signer\Key * @covers \Lcobucci\JWT\Signer\BaseSigner * @covers \Lcobucci\JWT\Signer\Hmac * @covers \Lcobucci\JWT\Signer\Hmac\Sha256 */ public function verifyShouldReturnTrueWhenKeyIsRight(Token $token) { self::assertTrue($token->verify($this->config->getSigner(), 'testing')); }
/** * @param Jwt $jwt * @return bool */ public function verifySignature(Jwt $jwt) { return $jwt->verify($this->signer, $this->publicKey); }
/** * @test * * @depends builderCanGenerateAToken * * @covers Lcobucci\JWT\Builder * @covers Lcobucci\JWT\Parser * @covers Lcobucci\JWT\Token * @covers Lcobucci\JWT\Signature * @covers Lcobucci\JWT\Parsing\Encoder * @covers Lcobucci\JWT\Claim\Factory * @covers Lcobucci\JWT\Claim\Basic * @covers Lcobucci\JWT\Signer\OpenSSL * @covers Lcobucci\JWT\Signer\Ecdsa * @covers Lcobucci\JWT\Signer\Ecdsa\Sha256 */ public function verifyShouldReturnTrueWhenKeyIsRight(Token $token) { $this->assertTrue($token->verify($this->signer, $this->publicEcdsa())); }
/** * @test * * @depends builderCanGenerateAToken * * @covers Lcobucci\JWT\Builder * @covers Lcobucci\JWT\Parser * @covers Lcobucci\JWT\Token * @covers Lcobucci\JWT\Signature * @covers Lcobucci\JWT\Claim\Factory * @covers Lcobucci\JWT\Claim\Basic * @covers Lcobucci\JWT\Signer\Key * @covers Lcobucci\JWT\Signer\BaseSigner * @covers Lcobucci\JWT\Signer\Hmac * @covers Lcobucci\JWT\Signer\Hmac\Sha256 */ public function verifyShouldReturnTrueWhenKeyIsRight(Token $token) { $this->assertTrue($token->verify($this->signer, 'testing')); }
/** * Validate token * @param Token $token token object * @return bool */ public function verifyToken(Token $token) { $alg = $token->getHeader('alg'); if (empty($this->supportedAlgs[$alg])) { throw new InvalidParamException('Algorithm not supported'); } $signer = Yii::createObject($this->supportedAlgs[$alg]); return $token->verify($signer, $this->key); }